Week 6 in Review – 2012

ShmooCon Epilogue 2012 – irongeek.com
These are the videos I have for ShmooCon Epilogue 2012. Georgia recorded the live parts, and my rig was used for the slides. Sorry that there are some missing talks; Georgia may have them on her site.

ShmooCon 2012 FireTalks – Update 8 (Videos from Saturday) – novainfosecportal.com
To follow up with Friday’s post re getting a lot of the other awesome ShmooCon Firetalks out there, here is the complete line up from Saturday night. And if you are interested in seeing all the talks from each night, IronGeek has just put out a post with two longer videos from each evening.

FOSDEM Presentation

Sandbox applications quickly with KVM or LXC – h-online.com
In the “Building application sandboxes on top of LXC and KVM with libvirt” FOSDEM presentation, Red Hat developer Daniel Berrange introduced libvirt-sandbox, which confines individual applications in a secured area (“sandbox”) using the KVM (Kernel-based Virtual Machine) virtualisation solution or LXC (Linux Containers).

DoD Cyber Crime Conference Presentation: Recipes for Remediation – blog.mandiant.com
Wendi Rafferty and I presented at the DoD Cyber Crime conference in Atlanta, GA. Our presentation, “Recipes for Remediation: Key Ingredients for Building a More Resilient Security Program,” has been posted to the MANDIANT Archive Presentations page here.

How Offensive Research Drives Down the Cost of Attacks – threatpost.com
CANCUN–The offensive security research community has evolved in the last decade or so from a relatively small and insular group inwardly focused, to a large and rather vocal group with a wide variety of motives, opinions and skill levels.

Maximizing Value in Pen Testing – pen-testing.sans.org
The penetration testing business faces a great danger as more and more people jump into the field offering very low-value penetration tests that are little better than an automated vulnerability scan. In this article, we’ll discuss how to conduct your tests and write up results so that they can provide significant business value to the target organization.

Qubes Beta 3! – theinvisiblethings.blogspot.com
A new ISO with the just released Qubes Beta 3 is now available for download here.

THC-HYDRA v7.2 – thc.org
“THC-HYDRA is a very fast network logon cracker which supports many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows, Cygwin, Solaris, FreeBSD and OSX.”

TrueCrypt 7.1a – truecrypt.org
TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted drive. On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention.

Improving and Adding More Pentesting Tools for BackTrack 5 – theprojectxblog.net
For BackTrack users out there, I found a good shell script which is bt5-fish.sh that fixes your BackTrack 5 installation and adds more open source penetration testing tools. The tools / packages will be installed / converted to svn installs.

Techniques

JSON CSRF with Parameter Padding – blog.opensecurityresearch.com
The JavaScript Object Notation (JSON) format is one of the prominent data exchange formats of contemporary web applications. When a web application implements JSON, Cross Site Request Forgery (CSRF) payload delivery gets a bit tricky because of the query string and JSON format mismatch. With a couple of tricks, however, we can successfully execute CSRF attacks with JSON payloads.

Direct Shellcode Execution via MS Office Macros with Metasploit – carnal0wnage.attackresearch.com
scriptjunkie recently had a post on direct shellcode execution in MS Office macros. I didn't see it go into the Metasploit trunk, but it's there. How to generate macro code is in the post, but I'll repost it here so I don't have to go looking for it elsewhere later.

Hacking Cradle Point Routers – Obscurity at the Peak – zeroknock.blogspot.com
Cradle-point wireless routers are used heavily for setting up small networks. However, Cradle-point uses interesting MAC-specific authentication credentials which are unique for every router because of the MAC address uniqueness.

MindshaRE: IDAception – dvlabs.tippingpoint.com
If you’ve ever tried collaborating with other people while reverse engineering a vulnerability your process probably includes some tedious steps, like transferring.

Satellite Phone Encryption Cracked – telegraph.co.uk
German academics said they had cracked two encryption systems used to protect satellite phone signals and that anyone with cheap computer equipment and radio could eavesdrop on calls over an entire continent. Hundreds of thousands of satellite phone users are thought to be affected.

CVE-2012-0056 Metasploit Exploit – pastebin.com
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use.

Google to strip Chrome of SSL revocation checking – arstechnica.com
Google’s Chrome browser will stop relying on a decades-old method for ensuring secure sockets layer certificates are valid after one of the company’s top engineers compared it to seat belts that break when they are needed most.

Hacker Sentenced to 30 Months in Prison – securityweek.com
A hacker who tried to land an IT job at Marriott by hacking into the company’s computer systems and then unwisely extorting the company into hiring him, has been sentenced to 30 months in prison.

Hackers hit CIA, UN Web sites – news.cnet.com
With the CIA site inaccessible, the Twitter account for @YourAnonNews tweeted “CIA TANGO DOWN: cia.gov #Anonymous” and included a link to a news story about the outage on Russian site RT.com.
